Execution of data-dependent programs over encrypted data

Abstract

Fully homomorphic encryption (FHE) is a tool of key importance to organize computations over encrypted data. But its misuse leads to privacy violation in spite of the encryption security. To use FHE correctly in applications one needs to solve a number of rather sophisticated problems. This paper considers delegation of programs evaluation over encrypted data to the untrusted server in the case when algorithms for evaluation are public. The main question in this case is how to organize computations in such a way that their structures don't reveal any information about the encrypted data. This information is called data-dependence. The aim of the study is to construct such protocols for interaction with untrusted server that don't allow it accurately determine the relationship between the amount of computations and the encrypted data. The known solutions to the problem are briefly reviewed, analyzed and their disadvantages are shown. Then we present our three protocols for secure computations. The first protocol solves the problem by hiding the exact number of steps from untrusted server. This is achieved by intentional delay of feedback from the client and without any transformation of the evaluated program. The second protocol simplifies client actions, allowing computation to be fully self-contained. It requires only two communications between the client and server while ensuring the final result achievement and keeping the perfect secrecy. But it significantly increases the amount of computations that server must perform, namely for any input data server carries out the greatest possible number of steps. And third protocol involves the functional encryption. It allows getting final result of computations surely in two interactions between client and server, while not overloading the server too much. Such a protocol is well suited even for computations with worst-case exponential complexity.